If you have a Gmail account, you should be concerned. Why? Because there are millions of malicious emails that are sent to users of Gmail every day.
Now while Google upsets many people for many reasons, they do a pretty good job at keeping your email account secure. And they provide a number of tools to accomplish that task. The problem is not usually Google, the problem is usually in the “seat” and that’s you buddy.
All of you fools using the same password across multiple accounts are potential victims of “credential stuffing” and those of you using the same pass code across multiple accounts are just, well dumb. No offense. But really, it’s just stupid.
Stolen Gmail Account Credentials
If you want to know if your email address and it’s associated password have been included in any of the 12+ billion stolen records we have access to, head over to my company’s website Protect Now and plug your email address and any associated passwords in to see if you have been breached. And don’t worry, we don’t have access to any of your data nor do we store your information.
If you want to engage in best practices regarding your Google account, head over to Googles Security Checkup and run through your security settings. You’re crazy (or lazy) if you don’t.
Google is pretty secure, though, and many of these scammy emails are stopped right in their tracks. However, not all of them are, and if you use a corporate Gmail account, you could be more at risk than others. Here are some statistics for you to take a look at:
- Scammers send more than 4 times the number of malware emails to corporate Gmail accounts than they do to personal Gmail accounts.
- Scammers send more than 6 times the number of phishing emails to corporate Gmail accounts than they do to personal Gmail accounts.
- Scammers send more than 4 times the number of spam emails to corporate Gmail accounts than they do to personal Gmail accounts.
Focusing on Threats to Corporate Gmail Accounts
You may be shocked to know that scammers like to focus on certain Gmail corporate accounts than others. For instance, when you think of all the corporate email addresses out there, educational entities and non-profits are more than two times more likely to be attacked with malware than others.
Google is Doing Its Best to Stop the Scammers
Google is well aware of these threats, and it has taken some big steps to stop the hacks. First, the company has installed an email classifier, which has an almost 100 percent accuracy rate when detecting scammy emails. Google also can send alerts to people who want to visit websites that are known for phishing or malware.
On top of that, Google offers two-step verification when users want to access their accounts, and the company also uses a hosted S/MIME feature, which
is helping to ensure that content of any email is secure and safe when it’s sent.
Finally, Google uses a TLS encryption indicator, which, when used, means that only the person you send the email to can read it.
Identifying a Phishing Email
Though Google has done a great job at stopping these threats, you may still find them getting into your email box. Here are some tips:
- Expect the Unexpected – Most of the phishing emails out there look remarkably like legitimate emails. Thoroughly examine any email before you download files or click on links.
- See Who Sent It – If you don’t know the sender’s name, be cautious, especially if the email asks for account information, including passwords.
- Don’t Click on Links – Additionally, you should make sure that you are not clicking on links that appear in emails. If you must go to the site, type the address into the browser manually.
- Look at Grammar – You also want to take a look at the grammar in emails. A lot of typos or bad grammar is a sure sign of a scam.
- Notice Threatening Language – Finally, if you notice any threats in the email, it is probably a scam. A great example of this is “your account has been compromised.”
This is definitely not a full list of scams, but it does give you a good idea of what you might be up against. If something looks like a scam, it probably is.
Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.